[feature] install blazer

global admins can now access [Blazer](https://github.com/ankane/blazer), for running SQL queries for BI and Data Science purposes: <img width="1728" alt="Screen Shot 2024-11-30 at 5 21 25 PM" src="https://github.com/user-attachments/assets/12bd90df-603c-4523-90f1-0ee78bc187ce"> renders tables from your SQL: <img width="1728" alt="Screen Shot 2024-11-30 at 5 21 51 PM" src="https://github.com/user-attachments/assets/d1c881fc-6091-4df8-a36f-ca5ef9dbf3d9"> and charts: <img width="1728" alt="Screen Shot 2024-11-30 at 5 47 33 PM" src="https://github.com/user-attachments/assets/191e74a7-b7fb-4a4d-9b2d-be4203e05f62"> scatter plots: <img width="1728" alt="Screen Shot 2024-11-30 at 5 41 23 PM" src="https://github.com/user-attachments/assets/4e4cc50e-2f1b-4887-8dfb-7cde1c97147b"> and dashboards! <img width="1728" alt="Screen Shot 2024-11-30 at 5 45 56 PM" src="https://github.com/user-attachments/assets/9d252a5b-1f4b-4e71-a4c3-bb69b0416385">
restarone · Nov 30, 2024 · fd8019e · fd8019e
1 parent aa064fb
commit fd8019e
Show file tree

Hide file tree

Showing 11 changed files with 202 additions and 6 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -58,7 +58,7 @@ jobs:
         with:
           node-version: 14.x
       - name: Add public IP to AWS security group
-        uses: uxxman/aws-security-group-add-ip-action@patch-1
+        uses: sohelamin/aws-security-group-add-ip-action@master
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

diff --git a/.github/workflows/dokku-clean-review-apps.yml b/.github/workflows/dokku-clean-review-apps.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Add public IP to AWS security group
-        uses: uxxman/aws-security-group-add-ip-action@patch-1
+        uses: sohelamin/aws-security-group-add-ip-action@master
         with:
           aws-access-key-id: ${{ secrets.DOKKU_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.DOKKU_AWS_SECRET_ACCESS_KEY }}

diff --git a/.github/workflows/dokku-deploy.yml b/.github/workflows/dokku-deploy.yml
@@ -20,7 +20,7 @@ jobs:
           fetch-depth: 0
 
       - name: Add public IP to AWS security group
-        uses: uxxman/aws-security-group-add-ip-action@patch-1
+        uses: sohelamin/aws-security-group-add-ip-action@master
         with:
           aws-access-key-id: ${{ secrets.DOKKU_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.DOKKU_AWS_SECRET_ACCESS_KEY }}
@@ -49,7 +49,7 @@ jobs:
           fetch-depth: 0
 
       - name: Add public IP to AWS security group
-        uses: uxxman/aws-security-group-add-ip-action@patch-1
+        uses: sohelamin/aws-security-group-add-ip-action@master
         with:
           aws-access-key-id: ${{ secrets.DOKKU_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.DOKKU_AWS_SECRET_ACCESS_KEY }}
@@ -114,7 +114,7 @@ jobs:
     if: github.event_name == 'pull_request' && ((github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'deploy-review-app')) || (github.event.pull_request.state == 'open' && github.event.action == 'unlabeled' && needs.checklabel.outputs.deploy_review_app_removed))
     steps:
       - name: Add public IP to AWS security group
-        uses: uxxman/aws-security-group-add-ip-action@patch-1
+        uses: sohelamin/aws-security-group-add-ip-action@master
         with:
           aws-access-key-id: ${{ secrets.DOKKU_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.DOKKU_AWS_SECRET_ACCESS_KEY }}

diff --git a/Gemfile b/Gemfile
@@ -128,3 +128,5 @@ gem "strong_migrations"
 gem "simple_calendar", "~> 3.0"
 
 gem "icalendar", "~> 2.9"
+
+gem "blazer", "~> 2.6"
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -136,6 +136,11 @@ GEM
     bcrypt (3.1.16)
     bcrypt_pbkdf (1.1.0)
     bindex (0.8.1)
+    blazer (2.6.5)
+      activerecord (>= 5)
+      chartkick (>= 3.2)
+      railties (>= 5)
+      safely_block (>= 0.1.1)
     bootsnap (1.7.3)
       msgpack (~> 1.0)
     builder (3.2.4)
@@ -515,6 +520,7 @@ DEPENDENCIES
   apartment-activejob
   aws-sdk-s3
   bcrypt_pbkdf (>= 1.0, < 2.0)
+  blazer (~> 2.6)
   bootsnap (>= 1.7.3)
   byebug
   capistrano

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -29,6 +29,10 @@ def after_accept_path_for(resource)
       return root_url(subdomain: Apartment::Tenant.current)
     end
   end
+
+  def require_global_admin
+    redirect_to root_path unless current_user && current_user.global_admin?
+  end
 
 
   private

diff --git a/app/views/comfy/admin/cms/partials/_navigation_inner.haml b/app/views/comfy/admin/cms/partials/_navigation_inner.haml
@@ -18,4 +18,6 @@
         = link_to "Blog", '/blog', class: 'dropdown-item', target: '_blank'
       - if Subdomain.current.forum_enabled
         = link_to "Forum", '/forum', class: 'dropdown-item', target: '_blank'
+      - if current_user.global_admin?
+        = link_to "Blazer BI", '/admin/blazer', class: 'dropdown-item', target: '_blank'
   = link_to "Logout", destroy_user_session_path, class: 'nav-link text-danger', method: :delete
diff --git a/config/blazer.yml b/config/blazer.yml
@@ -0,0 +1,78 @@
+# see https://github.com/ankane/blazer for more info
+
+data_sources:
+  main:
+    url: <%= ENV['DATABASE_HOST'] ? "postgres://#{ENV['DATABASE_USERNAME']}:#{ENV['DATABASE_PASSWORD']}@#{ENV['DATABASE_HOST']}:#{ENV['DATABASE_PORT']}/#{ENV['DATABASE_NAME']}" : ENV['DATABASE_URL'] %>
+    # statement timeout, in seconds
+    # none by default
+    # timeout: 15
+
+    # caching settings
+    # can greatly improve speed
+    # off by default
+    # cache:
+    #   mode: slow # or all
+    #   expires_in: 60 # min
+    #   slow_threshold: 15 # sec, only used in slow mode
+
+    # wrap queries in a transaction for safety
+    # not necessary if you use a read-only user
+    # true by default
+    # use_transaction: false
+
+    smart_variables:
+      # zone_id: "SELECT id, name FROM zones ORDER BY name ASC"
+      # period: ["day", "week", "month"]
+      # status: {0: "Active", 1: "Archived"}
+
+    linked_columns:
+      # user_id: "/admin/users/{value}"
+
+    smart_columns:
+      # user_id: "SELECT id, name FROM users WHERE id IN {value}"
+
+# create audits
+audit: true
+
+# change the time zone
+# time_zone: "Pacific Time (US & Canada)"
+
+# class name of the user model
+# user_class: User
+
+# method name for the current user
+# user_method: current_user
+
+# method name for the display name
+# user_name: name
+
+# custom before_action to use for auth
+before_action_method: require_global_admin
+
+# email to send checks from
+# from_email: blazer@example.org
+
+# webhook for Slack
+# slack_webhook_url: <%= ENV["BLAZER_SLACK_WEBHOOK_URL"] %>
+
+check_schedules:
+  - "1 day"
+  - "1 hour"
+  - "5 minutes"
+
+# enable anomaly detection
+# note: with trend, time series are sent to https://trendapi.org
+# anomaly_checks: prophet / trend / anomaly_detection
+
+# enable forecasting
+# note: with trend, time series are sent to https://trendapi.org
+# forecasting: prophet / trend
+
+# enable map
+# mapbox_access_token: <%= ENV["MAPBOX_ACCESS_TOKEN"] %>
+
+# enable uploads
+# uploads:
+#   url: <%= ENV["BLAZER_UPLOADS_URL"] %>
+#   schema: uploads
+#   data_source: main
diff --git a/config/routes.rb b/config/routes.rb
@@ -128,6 +128,7 @@ def self.matches?(request)
       mount Sidekiq::Web => '/sidekiq'
       mount GraphiQL::Rails::Engine, at: "/graphiql", graphql_path: "/graphql"
       get 'web_console', to: 'web_console#index'
+      mount Blazer::Engine, at: "blazer"
     end
     resources :subdomain_requests, except: [:new, :create] do
       member do

diff --git a/db/migrate/20241130190941_install_blazer.rb b/db/migrate/20241130190941_install_blazer.rb
@@ -0,0 +1,47 @@
+class InstallBlazer < ActiveRecord::Migration[6.1]
+  def change
+    create_table :blazer_queries do |t|
+      t.references :creator
+      t.string :name
+      t.text :description
+      t.text :statement
+      t.string :data_source
+      t.string :status
+      t.timestamps null: false
+    end
+
+    create_table :blazer_audits do |t|
+      t.references :user
+      t.references :query
+      t.text :statement
+      t.string :data_source
+      t.datetime :created_at
+    end
+
+    create_table :blazer_dashboards do |t|
+      t.references :creator
+      t.string :name
+      t.timestamps null: false
+    end
+
+    create_table :blazer_dashboard_queries do |t|
+      t.references :dashboard
+      t.references :query
+      t.integer :position
+      t.timestamps null: false
+    end
+
+    create_table :blazer_checks do |t|
+      t.references :creator
+      t.references :query
+      t.string :state
+      t.string :schedule
+      t.text :emails
+      t.text :slack_channels
+      t.string :check_type
+      t.text :message
+      t.datetime :last_run_at
+      t.timestamps null: false
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
Original file line number	Diff line number	Diff line change
Expand Up		@@ -128,3 +128,5 @@ gem "strong_migrations"
		gem "simple_calendar", "~> 3.0"

		gem "icalendar", "~> 2.9"

		gem "blazer", "~> 2.6"
-Original file line number
+Diff line change
@@ Expand Up / @@ -29,6 +29,10 @@ def after_accept_path_for(resource) @@
           return root_url(subdomain: Apartment::Tenant.current)
         end
       end
+      def require_global_admin
+        redirect_to root_path unless current_user && current_user.global_admin?
+      end
       private
@@ Expand Down @@